<?php
header('Content-Type:text/html;charset=UTF-8');
error_reporting(3);
set_magic_quotes_runtime(0);
defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
include_once (ROOT.'/libs/Smarty.class.php');
include_once (ROOT.'/config.php');
include_once (ROOT.'/include/app.class.php');
include_once ROOT."/class/ebase.class.php";
include_once ROOT.'/class/users/user.class.php'; 
app::load(ROOT."/include/page.class.php");
//提取变量及转义后数据
@extract(daddslashes($_COOKIE));
@extract(daddslashes($_POST));
@extract(daddslashes($_GET));  
if(!MAGIC_QUOTES_GPC) {
	$_FILES = daddslashes($_FILES);
}
$smarty = new Smarty;
//$smarty->force_compile = true;
$smarty->left_delimiter="{#"; 
$smarty->right_delimiter="#}"; 
$smarty->debugging = false;
$smarty->caching =false;
$smarty->cache_lifetime = 0;
$Smarty->allow_php_tag=true;
define("SITE_URL",$GLOBALS['cfg']['url'].$GLOBALS['cfg']['rootpath']);
//定义样式路径
$smarty->assign("RS_URL",SITE_URL.$GLOBALS['cfg']['tplpath']);
$smarty->assign("SITE_URL",SITE_URL);
$smarty->assign("title",$GLOBALS['cfg']['webtitle']);
$smarty->assign("Copyright",$GLOBALS['cfg']['Copyright']);
$SGLOBAL['cfg']['smarty']=$smarty;
$smarty->assign('cursor',setCursor());
$user = new user();
getpost('GET',1);
getpost('POST',1);
if($_GET['m'])
include_once (ROOT."/modules/check.inc.php");//检测登录和操作权限

function setCursor(){
	$m=$_GET['m'];
	return $m;
}
/**
 * 信息提示页面
 * @param msgtype 信息类型
 * @param msg 提示信息
 * @param url 返回的URL或跳转的URL
 * @param ifAjax 是否AJAX信息窗口 
 * @param $jumptime 是否跳转0.否  非0则X秒后跳转
 * @return void
 */
function showmsg($msgtype=1,$msg="",$url="",$ifAxax=0,$jumptime="0")
{
	
}
/**
 * 防注入
 * @param 字符串 $string
 * @param 是否强制转换 $force
 */	
function daddslashes($string, $force = 0) {
	if(!$GLOBALS['magic_quotes_gpc'] || $force) {
		if(is_array($string)) {
			foreach($string as $key => $val) {
			$string[$key] = daddslashes($val, $force);
		}
		} else {
		 $string = htmlspecialchars(addslashes($string));
		}
	}
	return $string;
}
/**
 * get and post的处理
 * @param unknown_type $string
 * @param unknown_type $force
 */
function getpost($type='GET', $force = 1) {
	if($type=='GET'){
		foreach($_GET as $key => $val)
		{
			if(is_array($val)){
				foreach($val as $keys => $vals) {
					$_GET[$key][$keys] = daddslashes($vals, $force);
				}
			}else{
				  $_GET[$key] = daddslashes($val,1);
			}
		}
	}else{
		foreach($_POST as $key => $val)
		{
			if(is_array($val)){
				foreach($val as $keys => $vals) {
					$_POST[$key][$keys] = daddslashes($vals, $force);
				}
			}else{
				  $_POST[$key] = daddslashes($val,1);
			}
		}
	}
}
/**
 * 从数据库中提取数据时对转义过的字符串进行处理
 * @param unknown_type $string
 */
function _stripslashes($string) {
	if(is_array($string)) {
		foreach($string as $key => $val) {
			$string[$key] = _stripslashes($val);
		}
	} else {
		$string = stripslashes($string);
	}
	return $string;
}

?>